ansible-debops-infrastructure

Unnamed repository; edit this file 'description' to name the repository.
git clone git://git.erethon.com/ansible-debops-infrastructure
Log | Files | Refs

commit cd2ebf9e9d6f0ff44c1f334a8a24583d61fab99b
parent 7b00470096c8d3257c69854203d6d940a576b32e
Author: Dionysis Grigoropoulos <dgrig@erethon.com>
Date:   Thu, 10 May 2018 22:56:06 +0300

f.erethon.com: Update role, integrate with haproxy

Diffstat:
ansible/inventory/group_vars/f.erethon.com/all.yml | 4++++
ansible/roles/f.erethon.com/tasks/main.yml | 11+++++------
ansible/roles/haproxy/templates/haproxy.cfg.j2 | 7++++++-
3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/ansible/inventory/group_vars/f.erethon.com/all.yml b/ansible/inventory/group_vars/f.erethon.com/all.yml @@ -0,0 +1,4 @@ +--- + +files__private_ip: '192.168.122.4' +files__port: '28081' diff --git a/ansible/roles/f.erethon.com/tasks/main.yml b/ansible/roles/f.erethon.com/tasks/main.yml @@ -1,14 +1,13 @@ --- - name: f.erethon.com nginx docker - docker: + docker_container: name: f.erethon.com image: nginx - state: restarted + state: started restart_policy: always - pull: always + pull: true ports: - - 127.0.0.1:18081:80 + - "{{ files__private_ip }}:{{ files__port }}:80" volumes: - - /data/volumes/files:/usr/share/nginx/html:ro - - /data/volumes/files/nginx.conf:/etc/nginx/nginx.conf:ro + - "{{ docker__volumes_location }}/f.erethon.com:/usr/share/nginx/html:ro" diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2 @@ -52,19 +52,24 @@ frontend eighty redirect scheme https if !{ ssl_fc } frontend ssl - bind *:443 ssl crt /etc/ssl/private/plothopes.com/plothopes.pem ssl crt /etc/ssl/private/erethon.com/capitalism.pem ssl crt /etc/ssl/private/erethon.com/erethon.pem + bind *:443 ssl crt /etc/ssl/private/plothopes.com/plothopes.pem ssl crt /etc/ssl/private/erethon.com/capitalism.pem ssl crt /etc/ssl/private/erethon.com/erethon.pem ssl crt /etc/ssl/private/erethon.com/f.pem mode http http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload http-request set-header X-Forwarded-Proto https if { ssl_fc } use_backend local if { url_beg /.well-known } use_backend plothopes if { hdr(host) -i plothopes.com -i www.plothopes.com } + use_backend f.erethon.com if { hdr(host) -i f.erethon.com } use_backend static if { hdr(host) -i capitalism.erethon.com -i hacked.erethon.com -i erethon.com -i www.erethon.com } backend plothopes mode http server plothopes {{ plothopes__private_ip }}:{{ plothopes__port }} +backend f.erethon.com + mode http + server f.erethon.com {{ files__private_ip }}:{{ files__port }} + backend static mode http server webd {{ static__private_ip }}:80